- 18 Jan, 2018 1 commit
-
-
Roberto Vargas authored
This patch add supports for the new API added for BL2 at EL3 for FVP. We don't have a non-TF Boot ROM for FVP, but this option can be tested setting specific parameters in the model. The bl2 image is loaded directly in memory instead of being loaded by a non-TF Boot ROM and the reset address is changed: --data cluster0.cpu0=bl2.bin@0x4001000 -C cluster0.cpu0.RVBAR=0x4001000 These parameters mean that in the cold boot path the processor will jump to BL2 again. For this reason, BL2 is loaded in dram in this case, to avoid other images reclaiming BL2 memory. Change-Id: Ieb2ff8535a9e67ccebcd8c2212cad366e7776422 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 03 Jan, 2018 1 commit
-
-
Dimitris Papastamos authored
To allow BL31 to grow in SRAM, move TSP in TZC secured DRAM by default. Increase the BL31 max limit by one page. Change-Id: Idd3479be02f0f9bafac2f275376d7db0c2015431 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 19 Dec, 2017 1 commit
-
-
Jeenu Viswambharan authored
With this patch, ARM platforms are expected to define the macros PLAT_ARM_SDEI_PRIVATE_EVENTS and PLAT_ARM_SDEI_SHARED_EVENTS as a list of private and shared events, respectively. This allows for individual platforms to define their own events. Change-Id: I66851fdcbff83fd9568c2777ade9eb12df284b49 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 06 Dec, 2017 1 commit
-
-
Antonio Nino Diaz authored
A new platform define, `PLAT_SP_IMAGE_XLAT_SECTION_NAME`, has been introduced to select the section where the translation tables used by the S-EL1/S-EL0 are placed. This define has been used to move the translation tables to DRAM secured by TrustZone. Most of the extra needed space in BL31 when SPM is enabled is due to the large size of the translation tables. By moving them to this memory region we can save 44 KiB. A new argument has been added to REGISTER_XLAT_CONTEXT2() to specify the region where the translation tables have to be placed by the linker. Change-Id: Ia81709b4227cb8c92601f0caf258f624c0467719 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 29 Nov, 2017 2 commits
-
-
Soby Mathew authored
This patch fixes a couple of issues for AArch32 builds on ARM reference platforms : 1. The arm_def.h previously defined the same BL32_BASE value for AArch64 and AArch32 build. Since BL31 is not present in AArch32 mode, this meant that the BL31 memory is empty when built for AArch32. Hence this patch allocates BL32 to the memory region occupied by BL31 for AArch32 builds. As a side-effect of this change, the ARM_TSP_RAM_LOCATION macro cannot be used to control the load address of BL32 in AArch32 mode which was never the intention of the macro anyway. 2. A static assert is added to sp_min linker script to check that the progbits are within the bounds expected when overlaid with other images. 3. Fix specifying `SPD` when building Juno for AArch32 mode. Due to the quirks involved when building Juno for AArch32 mode, the build option SPD needed to specifed. This patch corrects this and also updates the documentation in the user-guide. 4. Exclude BL31 from the build and FIP when building Juno for AArch32 mode. As a result the previous assumption that BL31 must be always present is removed and the certificates for BL31 is only generated if `NEED_BL31` is defined. Change-Id: I1c39bbc0abd2be8fbe9f2dea2e9cb4e3e3e436a8 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Antonio Nino Diaz authored
When defining different sections in linker scripts it is needed to align them to multiples of the page size. In most linker scripts this is done by aligning to the hardcoded value 4096 instead of PAGE_SIZE. This may be confusing when taking a look at all the codebase, as 4096 is used in some parts that aren't meant to be a multiple of the page size. Change-Id: I36c6f461c7782437a58d13d37ec8b822a1663ec1 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 20 Nov, 2017 1 commit
-
-
Dimitris Papastamos authored
Factor out SPE operations in a separate file. Use the publish subscribe framework to drain the SPE buffers before entering secure world. Additionally, enable SPE before entering normal world. A side effect of this change is that the profiling buffers are now only drained when a transition from normal world to secure world happens. Previously they were drained also on return from secure world, which is unnecessary as SPE is not supported in S-EL1. Change-Id: I17582c689b4b525770dbb6db098b3a0b5777b70a Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 13 Nov, 2017 3 commits
-
-
Jeenu Viswambharan authored
Support SDEI on ARM platforms using frameworks implemented in earlier patches by defining and exporting SDEI events: this patch defines the standard event 0, and a handful of shared and private dynamic events. Change-Id: I9d3d92a92cff646b8cc55eabda78e140deaa24e1 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Jeenu Viswambharan authored
Define number of priority bits, and allocate priority levels for SDEI. Change-Id: Ib6bb6c5c09397f7caef950c4caed5a737b3d4112 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Jeenu Viswambharan authored
The function arm_validate_ns_entrypoint() validates a given non-secure physical address. This function however specifically returns PSCI error codes. Non-secure physical address validation is potentially useful across ARM platforms, even for non-PSCI use cases. Therefore make this function common by returning 0 for success or -1 otherwise. Having made the function common, make arm_validate_psci_entrypoint() a wrapper around arm_validate_ns_entrypoint() which only translates return value into PSCI error codes. This wrapper is now used where arm_validate_ns_entrypoint() was currently used for PSCI entry point validation. Change-Id: Ic781fc3105d6d199fd8f53f01aba5baea0ebc310 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 09 Nov, 2017 1 commit
-
-
Antonio Nino Diaz authored
This initial port of the Secure Partitions Manager to FVP supports BL31 in both SRAM and Trusted DRAM. A document with instructions to build the SPM has been added. Change-Id: I4ea83ff0a659be77f2cd72eaf2302cdf8ba98b32 Co-authored-by: Douglas Raillard <douglas.raillard@arm.com> Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Co-authored-by: Achin Gupta <achin.gupta@arm.com> Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 25 Oct, 2017 1 commit
-
-
Qixiang Xu authored
For Trusted Board Boot, BL2 needs more space to support the ECDSA and ECDSA+RSA algorithms. Change-Id: Ie7eda9a1315ce836dbc6d18d6588f8d17891a92d Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 16 Oct, 2017 1 commit
-
-
Jeenu Viswambharan authored
An earlier patch added provision for the platform to provide secure interrupt properties. ARM platforms already has a list of interrupts that fall into different secure groups. This patch defines macros that enumerate interrupt properties in the same fashion, and points the driver driver data to a list of interrupt properties rather than list of secure interrupts on ARM platforms. The deprecated interrupt list definitions are however retained to support legacy builds. Configuration applied to individual interrupts remain unchanged, so no runtime behaviour change expected. NOTE: Platforms that use the arm/common function plat_arm_gic_driver_init() must replace their PLAT_ARM_G1S_IRQS and PLAT_ARM_G0_IRQS macro definitions with PLAT_ARM_G1S_IRQ_PROPS and PLAT_ARM_G0_IRQ_PROPS macros respectively, using the provided INTR_PROP_DESC macro. Change-Id: I24d643b83e3333753a3ba97d4b6fb71e16bb0952 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 11 Oct, 2017 2 commits
-
-
Soby Mathew authored
Provides GICv3 save/restore feature to arm_system_pwr_domain_resume and arm_system_pwr_domain_save functions. Introduce FVP PSCI power level 3 (System level) support. This is solely done to provide example code on how to use the GICv3 save and restore helpers. Also make CSS GICv3 platforms power off the Redistributor on SYSTEM SUSPEND as its state is saved and restored. Change-Id: I0d852f3af8824edee1a17c085cf593ddd33a4e77 Signed-off-by: Soby Mathew <soby.mathew@arm.com> Co-Authored-by: Douglas Raillard <douglas.raillard@arm.com>
-
Soby Mathew authored
Some recent enhancements to EL3 runtime firmware like support for save and restoring GICv3 register context during system_suspend necessitates additional data memory for the firmware. This patch introduces support for creating a TZC secured DDR carveout for use by ARM reference platforms. A new linker section `el3_tzc_dram` is created using platform supplied linker script and data marked with the attribute `arm_el3_tzc_dram` will be placed in this section. The FVP makefile now defines the `PLAT_EXTRA_LD_SCRIPT` variable to allow inclusion of the platform linker script by the top level BL31 linker script. Change-Id: I0e7f4a75a6ac51419c667875ff2677043df1585d Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 06 Oct, 2017 1 commit
-
-
David Cunado authored
The MEM_PROTECT support adds a MMAP region for DRAM2, which when building with TBBR support and OP-TEE tsp requires an additional entry in the MMAP region array in BL2 - PLAT_ARM_MMAP_ENTRIES is increased. The MEM_PROTECT support also adds a new region in BL31, and when BL31 is placed in DRAM, the memory mappings require an additional translation table - MAX_XLAT_TABLES is increased. Change-Id: I0b76260da817dcfd0b8f73a7193c36efda977625 Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 25 Sep, 2017 2 commits
-
-
Roberto Vargas authored
On ARM platforms, the maximum size of the address space is limited to 32-bits as defined in arm_def.h. In order to access DRAM2, which is defined beyond the 32-bit address space, the maximum address space is increased to 36-bits in AArch64. It is possible to increase the virtual space for AArch32, but it is more difficult and not supported for now. NOTE - the actual maximum memory address space is platform dependent and is checked at run-time by querying the PARange field in the ID_AA64MMFR0_EL1 register. Change-Id: I6cb05c78a63b1fed96db9a9773faca04a5b93d67 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
mem_protect needs some kind of non-volatile memory because it has to remember its state across reset and power down events. The most suitable electronic part for this feature is a NVRAM which should be only accesible from the secure world. Juno and FVP lack such hardware and for this reason the MEM_PROTECT functionality is implemented with Flash EEPROM memory on both boards, even though this memory is accesible from the non-secure world. This is done only to show a full implementation of these PSCI features, but an actual system shouldn't use a non-secure NVRAM to implement it. The EL3 runtime software will write the mem_protect flag and BL2 will read and clear the memory ranges if enabled. It is done in BL2 because it reduces the time that TF needs access to the full non-secure memory. The memory layout of both boards is defined using macros which take different values in Juno and FVP platforms. Generic platform helpers are added that use the platform specific macros to generate a mem_region_t that is valid for the platform. Change-Id: I2c6818ac091a2966fa07a52c5ddf8f6fde4941e9 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 22 Sep, 2017 1 commit
-
-
Qixiang Xu authored
For Trusted Board Boot, BL1 RW section and BL2 need more space to support the ECDSA algorithm. Specifically, PLAT_ARM_MAX_BL1_RW_SIZE is increased on ARM platforms. And on the Juno platform: - BL2 size, PLAT_ARM_MAX_BL2_SIZE is increased. - SCP_BL2 is loaded into the space defined by BL31_BASE -> BL31_RW_BASE. In order to maintain the same size space for SCP_BL2,PLAT_ARM_MAX_BL31_SIZE is increased. Change-Id: I379083f918b40ab1c765da4e71780d89f0058040 Co-Authored-By: David Cunado <david.cunado@arm.com> Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 12 Sep, 2017 1 commit
-
-
Qixiang Xu authored
The value of BL31_BASE currently depends on the size of BL31. This causes problems in the RESET_TO_BL31 case because the value of BL31_BASE is used in the model launch parameters, which often changes. Therefore, this patch fixes BL31_BASE to the middle of Trusted SRAM, to avoid further model parameter changes in future. Change-Id: I6d7fa4fe293717d84768974679539c0e0cb6d935 Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 06 Sep, 2017 2 commits
-
-
Soby Mathew authored
This patch does the required changes to enable CSS platforms to build and use the SDS framework. Since SDS is always coupled with SCMI protocol, the preexisting SCMI build flag is now renamed to `CSS_USE_SCMI_SDS_DRIVER` which will enable both SCMI and SDS on CSS platforms. Also some of the workarounds applied for SCMI are now removed with SDS in place. Change-Id: I94e8b93f05e3fe95e475c5501c25bec052588a9c Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Soby Mathew authored
This patch fixes the inconsistency with regards as to how BL2_BASE/BL2U_BASE and BL2_LIMIT/BL2U_LIMIT macros are defined when building Juno to run in AArch32 mode at EL3. In this case, BL32 is compiled for AArch32 whereas BL1 and BL2 are compiled for AArch64. This resulted in BL32 conditionally compiling a different definition of the above mentioned macros from BL1/BL2. This is fixed by taking into consideration the JUNO_AARCH32_EL3_RUNTIME build flag as well in the conditional compilation check. Change-Id: I27ac68aa4df0502089c1739c05366a9c509eb5be Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 05 Sep, 2017 1 commit
-
-
Soby Mathew authored
The commit 3eb2d672 optimizes the memory map for BL2 when TSP is not present. But this also broke OP-TEE as it was reusing the TSP mapping. This patch fixes this problem by adding a separate mapping for OP-TEE in the BL2 memory map table. Change-Id: I130a2ea552b7b62d8478081feb1f4ddf5292a118 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 31 Aug, 2017 1 commit
-
-
Sandrine Bailleux authored
This patch ensures that the ARM_MAP_TSP_SEC_MEM memory region is mapped in BL2 only if the TSPD has been included in the build. This saves one entry in the plat_arm_mmap[] array and avoids to map extra memory when it's not needed. Change-Id: I6ae60822ff8f0de198145925b0b0d45355179a94 Signed-off-by: Achin Gupta <achin.gupta@arm.com> Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 29 Aug, 2017 1 commit
-
-
Jeenu Viswambharan authored
The current definition of ARM_INSTANTIATE_LOCK macro includes a semicolon, which means it's omitted where it's used. This is anomalous for a C statement in global scope. Fix this by removing semicolon from the definition; and where it's a NOP, declare a file-scoped variable explicitly tagged as unused to avoid compiler warning. No functional changes. Change-Id: I2c1d92ece4777e272a025011e03b8003f3543335 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 25 Aug, 2017 1 commit
-
-
Jens Wiklander authored
Changes ARM_OPTEE_PAGEABLE_LOAD_BASE to end of ARM_AP_TZC_DRAM1. ARM_OPTEE_PAGEABLE_LOAD_SIZE is also increased to 4MB to optimize translation table usage. This change makes loading of paged part easier inside OP-TEE OS as the previous location of ARM_OPTEE_PAGEABLE_LOAD_BASE normally isn't mapped if paging is enabled. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-
- 22 Aug, 2017 2 commits
-
-
Roberto Vargas authored
NOR memory only supports setting bits to 1. To clear a bit, set to zero, the NOR memory needs to be erased. Change-Id: Ia82eb15a5af9a6d4fc7e5ea2b58e6db87226b351 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
lock/unlock operation must wait until WSM bit is set. Since we do not allow to loop forever then these functions must return an error if WSM bit isn't enabled after a number of tries. Change-Id: I21c9e292b514b28786ff4a225128bcd8c1bfa999 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 09 Aug, 2017 1 commit
-
-
Summer Qin authored
Trusted OS may have extra images to be loaded. Load them one by one and do the parsing. In this patch, ARM TF need to load up to 3 images for optee os: header, pager and paged images. Header image is the info about optee os and images. Pager image include pager code and data. Paged image include the paging parts using virtual memory. Change-Id: Ia3bcfa6d8a3ed7850deb5729654daca7b00be394 Signed-off-by: Summer Qin <summer.qin@arm.com>
-
- 02 Aug, 2017 1 commit
-
-
Jeenu Viswambharan authored
Revision C of the Base FVP has the same memory map as earlier revisions, but has the following differences: - Implements CCI550 instead of CCI400, - Has a single instantiation of SMMUv3, - CPU MPIDs are shifted left by one level, and has MT bit set in them. The correct interconnect to program is chosen at run time based on the FVP revision. Therefore, this patch implements FVP functions for interconnect programming, rather than depending on ARM generic ones. The macros used have been renamed to reflect this change. Additionally, this patch initializes SMMUv3 as part of FVP early platform setup. New ARM config flags are introduced for feature queries at run time. Change-Id: Ic7b7f080953a51fceaf62ce7daa6de0573801f09 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 25 Jul, 2017 1 commit
-
-
Dimitris Papastamos authored
Fixes ARM-software/tf-issues#479 Change-Id: Iadbde2595ad6a0ac3988d17e614c698986959277 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 20 Jul, 2017 1 commit
-
-
Soby Mathew authored
On ARM CSS platforms, the SCP_BL2/2U image is loaded below BL1 read-write data. This same memory is used to load BL31 later on. But sufficient checks were not done to ensure that the SCP_BL2 would not overwrite BL1 rw data. This patch adds the required CASSERT checks to prevent overwrite into BL1 or BL2 memory by load of SCP_BL2/2U. Also the size of BL31 is increased and SCP_BL2/2U size is decreased to accomodate it within the allocated region. Change-Id: I23b28b5e1589e91150852a06452bd52b273216ee Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 28 Jun, 2017 1 commit
-
-
Soby Mathew authored
This patch makes the necessary changes to enable ARM platform to successfully integrate CryptoCell during Trusted Board Boot. The changes are as follows: * A new build option `ARM_CRYPTOCELL_INTEG` is introduced to select the CryptoCell crypto driver for Trusted Board boot. * The TrustZone filter settings for Non Secure DRAM is modified to allow CryptoCell to read this memory. This is required to authenticate BL33 which is loaded into the Non Secure DDR. * The CSS platforms are modified to use coherent stacks in BL1 and BL2 when CryptoCell crypto is selected. This is because CryptoCell makes use of DMA to transfer data and the CryptoCell SBROM library allocates buffers on the stack during signature/hash verification. Change-Id: I1e6f6dcd1899784f1edeabfa2a9f279bbfb90e31 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 22 Jun, 2017 1 commit
-
-
dp-arm authored
SPE is only supported in non-secure state. Accesses to SPE specific registers from SEL1 will trap to EL3. During a world switch, before `TTBR` is modified the SPE profiling buffers are drained. This is to avoid a potential invalid memory access in SEL1. SPE is architecturally specified only for AArch64. Change-Id: I04a96427d9f9d586c331913d815fdc726855f6b0 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 20 Jun, 2017 1 commit
-
-
Dimitris Papastamos authored
On ARM platforms before exiting from SP_MIN ensure that the default console is switched to the runtime serial port. Change-Id: I0ca0d42cc47e345d56179eac16aa3d6712767c9b Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 05 Jun, 2017 2 commits
-
-
Soby Mathew authored
This patch adds the memory map region for the SCMI payload memory and maps the Juno core indices to SCMI power domains via the `plat_css_core_pos_to_scmi_dmn_id_map` array. Change-Id: I0d2bb2a719ff5b6a9d8e22e91e1625ab14453665 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Soby Mathew authored
This patch adds the SCMI driver for communicating with SCP. The power domain management and system power management protocol of the SCMI specification[1] is implemented in the driver. The SCP power management abstraction layer for SCMI for CSS power management is also added. A new buid option `CSS_USE_SCMI_DRIVER` is introduced to select SCMI driver over SCPI. [1] ARM System Control and Management Interface v1.0 (SCMI) Document number: ARM DEN 0056A Change-Id: I67265615a17e679a2afe810b9b0043711ba09dbb Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 23 May, 2017 1 commit
-
-
Masahiro Yamada authored
Platforms aligned with TBBR are supposed to use their own OIDs, but defining the same macros with different OIDs does not provide any value (at least technically). For easier use of TBBR, this commit allows platforms to reuse the OIDs obtained by ARM Ltd. This will be useful for non-ARM vendors that do not need their own extension fields in their certificate files. The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the backward compatibility. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 15 May, 2017 2 commits
-
-
Yatharth Kochar authored
Add support for firmware upgrade on AArch32. This patch has been tested on the FVP models. NOTE: Firmware upgrade on Juno AArch32 is not currently supported. Change-Id: I1ca8078214eaf86b46463edd14740120af930aec Signed-off-by: dp-arm <dimitris.papastamos@arm.com> Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>
-
dp-arm authored
This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode. To build this patch the "mbedtls/include/mbedtls/bignum.h" needs to be modified to remove `#define MBEDTLS_HAVE_UDBL` when `MBEDTLS_HAVE_INT32` is defined. This is a workaround for "https://github.com/ARMmbed/mbedtls/issues/708 " NOTE: TBBR support on Juno AArch32 is not currently supported. Change-Id: I86d80e30b9139adc4d9663f112801ece42deafcf Signed-off-by: dp-arm <dimitris.papastamos@arm.com> Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>
-